ETCHROCK PRIVACY POLICY

Effective Date: April 18, 2018

1.

Who are we?

We are Etch Rock Limited. You can contact us at security@etchrock.com. Other contact details are on our website.

2.

What’s the point of this policy?

2.1

It tells you what to expect when we collect your personal information. Please only use our service if you are completely happy with this policy.

2.2

Generally, the policy covers only information provided to us. If you give personal information to other people, such as payment providers or other websites, please check their privacy policies.

2.3

NB Note that personal information of participants collected by event organisers, which is principally their responsibility. We act as data processors of this information on their behalf. Please contact them if you need more information.

3.

Might the policy change?

3.1

NB Note that personal information of participants collected by event organisers, which is principally their responsibility. We act as data processors of this information on their behalf. Please contact them if you need more information.

4.

What do we collect?

4.1

Information which you upload to our service or otherwise give us such as your name, contact details, dob, gender and profiles and other photos.

4.2

Information which event organisers opt to collect from you when you book tickets for an event via our service. This may include sensitive personal information such as relevant medical history. (We collect this information as data processors on behalf of event organisers.)

4.3

Automated information such as the internet protocol (IP) address used to connect your device to the internet, connection information such as browser type and version, information about your device including device-type and device identifier, operating system and platform, mobile network data, a unique reference number linked to the data you enter on our system, login details, clickstream data, details of your activity with date / time stamps including pages you visited and your searches / transactions.

4.4

If you log in via Facebook or Strava: Information from your public profile, your email address and your friends list.

5.

What’s our reason / legal basis for collecting the information?

5.1

Because it’s necessary to provide you with our goods or services under our contract with you. We may use it for other purposes (such as email marketing) if you consent. In the case of automated information collected when you browse your site, we use this to manage and improve our service in accordance with our “legitimate interests”.

6.

What about cookies?

6.1

We and/or third parties use cookies and other tracking technologies on our website. A cookie is an identifier (a small file of letters and numbers) that is sent to your computer. Our website’s functionality will be limited if you configure your browser to reject cookies.

6.2

Cookies are widely used to make websites work, or work more efficiently, as well as to provide information to the website owner or others. Session cookies are temporary cookies that remain in the cookie file of your browser only until your browser is closed. They allow websites to link your actions during a browser session. Persistent cookies stay in the cookie file of your browser for longer (how long will depend on the lifetime of the specific cookie). For further information on cookies, including how to use your browser to block them and how to delete cookies already stored on your device, visit: www.allaboutcookies.org.

6.3

The following kinds of cookies may be used on this website:

a) Session cookies: These enable us to keep track of your movement from page to page and store your selections so you do not get asked repeatedly for the same information. They allow you to proceed through many pages of the site quickly and easily without having to authenticate or reprocess each new area you visit. For example, a session cookie remembers your shopping cart selection so you will have the items you selected when you are ready to check out.

b) Etch Rock system cookies: Persistent cookies (up to one years) remember your profile, timezone, shopping cart and other information to facilitate our service if you log back in..

d) Third party log-in cookies: If you log in through a third party website, that website will place its own cookies on your computer. For more information, please visit the relevant pages on third party sites as follows: Facebook. Strava.

e) JustGiving cookies: If you link your JustGiving account to your account on our website, a persistent cookie (up to [insert] days) is placed on your computer which allows you to log in to your JustGiving account while using our service without having to re-enter your details.

f) Google cookies: Persistent cookies (up to four years we believe) are set in connection with the following Google services on our site and these cookies may involve certain non-personally identifying information being sent to Google:

i) Google Analytics (“GA”): We use cookies to recognise and count the number of website visitors as well as providing other information about the visit such as duration, route through the website and what sites the visitor came from. This information helps us to improve the way our website works, for example by making sure users find what they need easily. You can specifically opt out of GA here. See below for other opt out routes.

ii) Google Universal Analytics (“UA”): We may also use UA (an enhanced version of GA). UA uses a persistent cookie (up to two years) and similar technologies to collect the kind of analytics information about your visit mentioned above. Click here for more information about security and privacy in UA. UA collection methods can be used to collect visitor usage data without cookies. We do not connect information about your visit with any other data that we hold about you and we do not upload to Google any data that allows Google to personally identify you

More information and opt out: Click here for Google’s privacy policy and here for more information about the kinds of cookies placed by Google. Click here for information about how Google uses data from its partners’ sites or apps as well as different ways to opt out of Google cookies.

g) Social media cookies: We use various social media and other third party features on our website including the “Like” button from Facebook, follow button from Twitter), Plus +1 button from Google, Pin It button from Pinterest, share / follow button from LinkedIn, embed button from YouTube, These features may involve the relevant companies using persistent cookies (for at least four years we believe) or linking your visit with cookies previously placed by them on your computer in order for them to collect information relating to your visit to our website or your interaction with their services or otherwise. Click the links shown above for further information about the specific features and those companies’ cookie / privacy practices generally as well as to opt out where this is possible.

h) Cookie-warning cookie: This cookie takes note of whether you are happy to accept cookies on this website based on your response to the message which appeared when you first visited the website. This persistent cookie will remember your preference for up to 30 days.

6.4

By continuing to use our website, having seen our cookie notice, we assume that you consent to use of the cookies outlined above.

7.

What do we do with personal information?

7.1

Provide our service, e.g. send service messages and fulfil orders.

7.2

Send you marketing messages, if you have given permission. You can withdraw permission at any time as explained on our service or by emailing us at the above email address.

7.3

Use it to recognise you when you visit or return to our service to track anonymised traffic and usage patterns, prevent or detect fraud or abuses and help us improve our service.

7.4

If you make available to us someone else’s email address, e.g. if you log in via Facebook, to send a referral message to that person and we will then immediately delete it.

8.

How long do we keep it?

8.1

We will generally delete your personal information when you close your account. However, we may keep some limited information for up to six years after your account is closed - for tax reasons and/or to help deal with any disputes. That timeframe may vary if we are legally required to keep information for a particular period.

8.2

We will delete personal information of event participants after 30 days following closure of the event organiser’s account.

8.3

We will keep your information which we use for marketing until you tell us to stop sending you marketing messages.

9.

To whom do we send or make available your personal information?

9.1

To other people who supply us with a service, e.g. e-commerce platform providers, website hosts, content delivery networks and businesses which help us send communications or monitor our website.

9.2

To Mailchimp (see privacy policy) and Hubspot (see privacy policy), if event organisers opt to use those services (via our platform) to enable them to email or otherwise communicate with you.

To other users of our service, if you create a public profile or otherwise include the personal information in a post, comment or other public action on our service. You have the option of hiding your profile and profile information. However, to remove information placed on the site such as comments and posts, you will need to delete your account.

9.5

To the relevant authorities or complainants, if we think the personal information breaches our terms and conditions, or it is necessary to protect us or others, or that a criminal act may have been committed, or we are required to do so by law or appropriate authority.

9.6

To potential buyers so far as reasonably necessary, in the case of an actual or proposed (including negotiations for a) sale or merger or business combination involving all or the relevant part of our business.

10.

What happens to your payment details?

10.1

These go direct to our payment partners. We do not receive such information. To ensure your details are not being used without consent, our payment partners may send your personal information to relevant third parties including credit reference and fraud prevention agencies, who may keep a record of that information.

11.

Do we send your information outside the European Union?

11.1

Your personal information which we collect is stored within the EU and is not transferred to any third countries except that your name and contact details may be transferred to the US by Mailchimp and/or Hubspot, both of which are certified under the EU-US Privacy Shield Framework. This provides certain safeguards in relation to the handling of your personal data. See here for more information.

12.

What rights do you have?

12.1

If the legal requirements are met: To ask us for access to your personal information, to rectify it if there are mistakes, to delete or restrict or object to its use in certain circumstances or to “data portability”.

12.2

If you have a complaint about how we are dealing with your personal information, please contact us via the email address above. If you are not happy with our response or think we are not handling your personal information in accordance with the law, you can complain to the Information Commissioner’s Office (ICO).

12.3

For more information about your rights, visit the ICO’s website: www.ico.org.uk.